Averting a ransomware attack ensures safe launch of high-priority annual event


Malware and ransomware attacks have been on the rise.  In scenarios where businesses generate a majority of their annual income around a single calendar event, these types of attacks can have dramatic and lasting impacts. If an organization’s profitability can be eliminated in a matter of days, leaders at organizations are strapped for time with little choice but to comply with the hacker’s demands hoping to restore critical business systems.

The best plan of defense is a robust cybersecurity tool configured for effective monitoring, and a remediation plan for questionable files. One client suspected potential malware on their servers and engaged Kalles Group to successfully help them avoid an incident.    

As a large public institution prepared for the organization’s big annual event, the IT team was alarmed to discover suspicious files within their data center. The organization had a vast and open system and the IT team understood the risks of ransomware and malware.

If the files were indeed malware, the possibility was high that these files would sabotage the datacenter before or on the first day of the event.

An attack at this crucial time would turn the organization’s most critical business day of the year into a disaster, requiring the entire organization to transition all systems to pencil and paper – a huge inconvenience for clients and an enormous demand on resources.

The client had only a few weeks before their event. In order to scan the organization’s servers to identify and isolate the suspicious files, IT leaders at the institution engaged Kalles Group.

The Challenge

Public institutions are desirable targets for these types of attacks because their systems are open to a large population through multiple channels with many device types. This client had several system types open to a large clientele, creating multiple potential attack surfaces. With thousands of clients, there were thousands of logins that could potentially be hacked. Hackers could easily determine business critical event dates because the organizational calendar was public knowledge.

Because this organization was a public entity, and news of a malware attack would generate unwanted press attention, the Kalles Group team sought a working relationship that would ensure the utmost privacy. To communicate with the client, the Kalles Group team worked discreetly through an intermediary only via phone or face-to-face, creating no written record of the engagement. Due to this arrangement, the Kalles Group team had to act quickly with concise and direct communication.

Our Approach:

The organization had hundreds of on site and cloud servers to be scanned for malware. The Kalles Group team determined that they needed to deploy anti-malware and anti-ransomware software, configured to deliver results to a single dashboard from which findings could be managed.

The Kalles Group team worked quickly to deliver their suggested plan, with detailed recommendations and a list of requirements to complete each task.

With few, very efficient communication exchanges, the software was installed. Several files were flagged as malware across the systems, and remediation steps were recommended.

Quotation mark icon

If the files were indeed malware, the possibility was high that these files would sabotage the datacenter before or on the first day of the event.

The Results

Though suspected malware situation is fraught with risk – risk of taking the wrong action, risk of public scrutiny, and risk of being blackmailed – our client made the right choice to engage the Kalles Group cybersecurity team to provide their specific expertise and employ a solution. Scanning for potential infections and having a robust recovery plan in the event that systems are disrupted allowed our client to successfully execute its big annual event while serving its clientele with confidence.